• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Search Results for: tagdiv

Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins

August 22, 2018Denis Sinegubko

Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins

This August, we’ve seen a new massive wave of WordPress infections that redirect visitors to unwanted sites. When redirected, users see annoying pages with random utroro[.]com addresses and fake reCAPTCHA images. The messages and content try to convince visitors to verify and subscribe to browser…

Read More about Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins

Massive 1800ForBail WordPress Hacks

June 28, 2019Denis Sinegubko

Massive 1800ForBail WordPress Hacks

Sucuri malware analyst Kaushal Bhavsar recently brought our attention to a massive campaign responsible for adding either “1800ForBail” or “1800ForBail – One+Number” keywords to the titles of vulnerable WordPress sites….

Read More about Massive 1800ForBail WordPress Hacks

Labs Note

May 28, 2019John Castro

Malware Campaign Evolves to Target New Plugins: May 2019

A long-lasting malware campaign targeting deprecated, vulnerable versions of plugins continues to be leveraged by attackers to inject malicious scripts into affected websites. Easily automated vulnerabilities are the first choice…

Read More about Malware Campaign Evolves to Target New Plugins: May 2019

Labs Note

March 25, 2019John Castro

Multi-Vector Attack in Server Logs

We recently noticed an increase on suspicious requests in our logs which reveal a planned attack against the Social Warfare plugin. Bad actors added this brand new exploit to an…

Read More about Multi-Vector Attack in Server Logs

Fake UpdraftPlus WordPress Plugin

November 9, 2018Pedro Peixoto

Erealitatea[.]net Hack Corrupts Websites with WP GDPR Compliance Plugin Vulnerability

We have noticed a growing number of WordPress-based sites that have had their URL settings changed to hxxp://erealitatea[.]net. Further investigations show that the issue is related to a security vulnerability…

Read More about Erealitatea[.]net Hack Corrupts Websites with WP GDPR Compliance Plugin Vulnerability

Multiple Ways to Inject Tech Support Scams

October 23, 2018Denis Sinegubko

Multiple Ways to Inject the Same Tech Support Scam Malware

Last month, we shared information about yet another series of ongoing massive infections using multiple different vectors to inject malicious scripts into WordPress websites. Shortly after, the campaign changed the…

Read More about Multiple Ways to Inject the Same Tech Support Scam Malware

Labs Note

September 18, 2018Denis Sinegubko

Multi-Vector WordPress Infection from Examhome

This September, we’ve been seeing a massive infection wave that injects malicious JavaScript code into .js, .php files and the WordPress database.> The script looks like this: eval(String.fromCharCode(118, 97, 114,…

Read More about Multi-Vector WordPress Infection from Examhome

Javascript Injection Creates Rogue WordPress User

December 14, 2017Douglas Santos

Javascript Injection Creates Rogue WordPress Admin User

Earlier this year, we faced a growing volume of infections related to a vulnerability in outdated versions of the Newspaper and Newsmag themes. The infection type was always the same:…

Read More about Javascript Injection Creates Rogue WordPress Admin User

abandoned scripts and pitfalls of cleaning serialized data blog post header

September 13, 2017Denis Sinegubko

Old Themes, Abandoned Scripts and Pitfalls of Cleaning Serialized Data

Over the summer, we’ve seen waves of WordPress database infections that use vulnerabilities in tagDiv’s Newspaper/Newsmag themes or InterconnectIT Search and Replace scripts (searchreplacedb2.php). The injections range from ad scripts…

Read More about Old Themes, Abandoned Scripts and Pitfalls of Cleaning Serialized Data

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.